2. Slide #2[OMA-Template-TPslides-20140101-I]
What is GotAPI?
Generic Open Terminal API Framework
•A published specification of the Open Mobile Alliance (OMA)
•A design pattern and implementation framework enabling user-
mediated web app access to arbitrary local or connected device APIs
GotAPI Open Source Project
• NTT Docomo’s DeviceConnect (see supported devices)
• GotAPI open source project, launched in October 2014
• Various devices supported
• Enables device vendors to reduce costs and time to develop
applications interworking with smartphones
Device WebAPI Consortium
• An industry initiative to promote device Web APIs based on OMA
GotAPI
• Launched in April 2015
3. Slide #3[OMA-Template-TPslides-20140101-I]
Overview of GotAPI Design
• Device-local web server
(“GotAPI Server) acts as
bridge to API plugins
• Web apps discover GotAPI
support and get approved
access to APIs
• Web apps use standard web
APIs (XHR, SSE,
WebSockets, WebRTC) to
access APIs thru the GotAPI
Server or directly (if supported
by plugin)
• Plugins provide access to
device-local APIs/resources or
connected devices, as
applicable for the plugin
5. Slide #5[OMA-Template-TPslides-20140101-I]
Architecture
• A “GotAPI app” implements
servers for API access auth
and operations
• Developers create plugins
that integrate with GotAPI
thru platform-specific
methods
• Devices that can be
accessed are only limited
to the types of connections
supported by the GotAPI
host device, and the
openness of connected
device interfaces
6. Slide #6[OMA-Template-TPslides-20140101-I]
Basic Flow
• App seeks and
gains access to
GotAPI-enabled
services
• App discovers
available APIs
• App requests
and is allowed
access to
specific API
• App accesses
the APIs thru the
GotAPI Server or
directly
8. Slide #8[OMA-Template-TPslides-20140101-I]
Focus on Security
•GotAPI contains specific measures to address
• Application registration and authenticity
• Application spoofing by rogue apps
• Privacy (user-mediated access to plug-ins and devices)
• GotAPI Server spoofing by rogue apps
• Plugin spoofing by rogue plugin
• DOS attacks
•GotAPI assumes
• Host device is not rooted
• Apps are obtained from legitimate sources (App Stores, web servers)
11. Slide #11[OMA-Template-TPslides-20140101-I]
Next Steps for GotAPI
•GotAPI 1.1 is complete specifications for WebSocket based APIs
•Device WebAPI 1.0 is developing specific plugin APIs for
•Healthcare devices based upon published and implemented
IEEE specs
• Thermometer
• Pulse Oximeter
• Weight Scale and Body Composition Analyzer
• Blood Pressure Monitor
• Glucometer
• Heart Rate Monitor
• 3D Printers